摘要:Security engineering is about protecting assets from harm. The feature interaction problem occurs when the composition of features leads to undesirable system behaviours. Usually, this problem manifests itself as conflicting actions of features on a shared context. Security requirements may be violated by feature interactions creating security vulnerabilities which can potentially be exploited by attackers. In thispaper, we discuss the feature interaction problem and some of its possible implications for security requirements. The paper concludes that (1) the detection of the violation of security requirements by feature interactions is not different from other types of requirements - what differs is the impact of such violation; and (2)feature interaction detection approaches can be used as a means for vulnerability analysis.
Loading...
